CN101572704B - 一种适合三元对等鉴别可信网络连接架构的访问控制方法 - Google Patents

一种适合三元对等鉴别可信网络连接架构的访问控制方法 Download PDF

Info

Publication number
CN101572704B
CN101572704B CN2009100229113A CN200910022911A CN101572704B CN 101572704 B CN101572704 B CN 101572704B CN 2009100229113 A CN2009100229113 A CN 2009100229113A CN 200910022911 A CN200910022911 A CN 200910022911A CN 101572704 B CN101572704 B CN 101572704B
Authority
CN
China
Prior art keywords
access
taep
authentication protocol
protocol data
control method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2009100229113A
Other languages
English (en)
Chinese (zh)
Other versions
CN101572704A (zh
Inventor
肖跃雷
曹军
黄振海
葛莉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Iwncomm Co Ltd
Original Assignee
China Iwncomm Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Iwncomm Co Ltd filed Critical China Iwncomm Co Ltd
Priority to CN2009100229113A priority Critical patent/CN101572704B/zh
Publication of CN101572704A publication Critical patent/CN101572704A/zh
Priority to US13/377,098 priority patent/US8719897B2/en
Priority to PCT/CN2009/075444 priority patent/WO2010142115A1/zh
Priority to EP09845724.5A priority patent/EP2442516B1/en
Priority to JP2012514320A priority patent/JP5581382B2/ja
Priority to KR1020117031058A priority patent/KR101434614B1/ko
Application granted granted Critical
Publication of CN101572704B publication Critical patent/CN101572704B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
CN2009100229113A 2009-06-08 2009-06-08 一种适合三元对等鉴别可信网络连接架构的访问控制方法 Active CN101572704B (zh)

Priority Applications (6)

Application Number Priority Date Filing Date Title
CN2009100229113A CN101572704B (zh) 2009-06-08 2009-06-08 一种适合三元对等鉴别可信网络连接架构的访问控制方法
US13/377,098 US8719897B2 (en) 2009-06-08 2009-12-09 Access control method for tri-element peer authentication credible network connection structure
PCT/CN2009/075444 WO2010142115A1 (zh) 2009-06-08 2009-12-09 一种适合三元对等鉴别可信网络连接架构的访问控制方法
EP09845724.5A EP2442516B1 (en) 2009-06-08 2009-12-09 Access control method for tri-element peer authentication credible network connection structure
JP2012514320A JP5581382B2 (ja) 2009-06-08 2009-12-09 3要素ピア認証信頼可能ネットワークアクセスアーキテクチャーに適するアクセス制御方法
KR1020117031058A KR101434614B1 (ko) 2009-06-08 2009-12-09 3-요소 피어 인증 기반의 신뢰성 있는 네트워크 연결 구조를 위한 액세스 제어 방법

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009100229113A CN101572704B (zh) 2009-06-08 2009-06-08 一种适合三元对等鉴别可信网络连接架构的访问控制方法

Publications (2)

Publication Number Publication Date
CN101572704A CN101572704A (zh) 2009-11-04
CN101572704B true CN101572704B (zh) 2012-05-23

Family

ID=41231941

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009100229113A Active CN101572704B (zh) 2009-06-08 2009-06-08 一种适合三元对等鉴别可信网络连接架构的访问控制方法

Country Status (6)

Country Link
US (1) US8719897B2 (ko)
EP (1) EP2442516B1 (ko)
JP (1) JP5581382B2 (ko)
KR (1) KR101434614B1 (ko)
CN (1) CN101572704B (ko)
WO (1) WO2010142115A1 (ko)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101572704B (zh) 2009-06-08 2012-05-23 西安西电捷通无线网络通信股份有限公司 一种适合三元对等鉴别可信网络连接架构的访问控制方法
CN101662410B (zh) * 2009-09-22 2012-07-04 西安西电捷通无线网络通信股份有限公司 一种基于隧道技术的三元鉴别可扩展方法及其系统
CN101707621B (zh) * 2009-12-11 2012-05-09 西安西电捷通无线网络通信股份有限公司 一种适合三元对等鉴别可信网络连接架构的网络传输方法
CN101741726B (zh) * 2009-12-18 2012-11-14 西安西电捷通无线网络通信股份有限公司 一种支持多受控端口的访问控制方法及其系统
JP5624219B2 (ja) 2010-10-13 2014-11-12 西安西▲電▼捷通▲無▼綫▲網▼絡通信股▲分▼有限公司Chinaiwncomm Co., Ltd. ネットワークアクセス制御方法およびシステム
CN101958908B (zh) * 2010-10-13 2012-08-08 西安西电捷通无线网络通信股份有限公司 网络访问控制方法及系统
CN102006291A (zh) * 2010-11-10 2011-04-06 西安西电捷通无线网络通信股份有限公司 一种适合可信连接架构的网络传输方法及系统
US20140136208A1 (en) * 2012-11-14 2014-05-15 Intermec Ip Corp. Secure multi-mode communication between agents
US20220059216A1 (en) * 2020-08-20 2022-02-24 Centurylink Intellectual Property Llc Home Health Monitoring of Patients via Extension of Healthcare System Network Into Customer Premises

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101136928A (zh) * 2007-10-19 2008-03-05 北京工业大学 一种可信网络接入框架
CN101242266A (zh) * 2007-08-01 2008-08-13 西安西电捷通无线网络通信有限公司 一种基于三元对等鉴别的可信网络连接方法
CN101360020A (zh) * 2008-09-28 2009-02-04 西安电子科技大学 基于eap的ieee802.1x安全协议的仿真平台及方法
CN101447992A (zh) * 2008-12-08 2009-06-03 西安西电捷通无线网络通信有限公司 一种基于三元对等鉴别的可信网络连接实现方法

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7389529B1 (en) 2003-05-30 2008-06-17 Cisco Technology, Inc. Method and apparatus for generating and using nested encapsulation data
CA2632590A1 (en) 2005-12-09 2008-02-28 Signacert, Inc. Method to verify the integrity of components on a trusted platform using integrity database services
JP4728871B2 (ja) * 2006-05-08 2011-07-20 株式会社日立製作所 機器検疫方法、検疫機器、集約クライアント管理機器、集約クライアント管理プログラム、ネットワーク接続機器およびユーザ端末
JP2008141352A (ja) * 2006-11-30 2008-06-19 Toshiba Corp ネットワークセキュリティシステム
CN100566252C (zh) * 2007-08-03 2009-12-02 西安西电捷通无线网络通信有限公司 一种基于三元对等鉴别的可信网络连接系统
JP2009118267A (ja) * 2007-11-07 2009-05-28 Nippon Telegr & Teleph Corp <Ntt> 通信ネットワークシステム、通信ネットワーク制御方法、通信制御装置、通信制御プログラム、サービス制御装置およびサービス制御プログラム
CN100553212C (zh) * 2007-11-16 2009-10-21 西安西电捷通无线网络通信有限公司 一种基于三元对等鉴别的可信网络接入控制系统
CN101572704B (zh) * 2009-06-08 2012-05-23 西安西电捷通无线网络通信股份有限公司 一种适合三元对等鉴别可信网络连接架构的访问控制方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242266A (zh) * 2007-08-01 2008-08-13 西安西电捷通无线网络通信有限公司 一种基于三元对等鉴别的可信网络连接方法
CN101136928A (zh) * 2007-10-19 2008-03-05 北京工业大学 一种可信网络接入框架
CN101360020A (zh) * 2008-09-28 2009-02-04 西安电子科技大学 基于eap的ieee802.1x安全协议的仿真平台及方法
CN101447992A (zh) * 2008-12-08 2009-06-03 西安西电捷通无线网络通信有限公司 一种基于三元对等鉴别的可信网络连接实现方法

Also Published As

Publication number Publication date
KR101434614B1 (ko) 2014-08-26
WO2010142115A1 (zh) 2010-12-16
JP2012529795A (ja) 2012-11-22
EP2442516B1 (en) 2019-09-18
JP5581382B2 (ja) 2014-08-27
EP2442516A4 (en) 2017-03-15
CN101572704A (zh) 2009-11-04
US20120079561A1 (en) 2012-03-29
KR20120017079A (ko) 2012-02-27
EP2442516A1 (en) 2012-04-18
US8719897B2 (en) 2014-05-06

Similar Documents

Publication Publication Date Title
CN101572704B (zh) 一种适合三元对等鉴别可信网络连接架构的访问控制方法
US11930007B2 (en) Methods for internet communication security
US10630642B2 (en) Methods for internet communication security
US10397186B2 (en) Methods for internet communication security
CN100512109C (zh) 验证接入主机安全性的访问认证系统和方法
CN103647772A (zh) 一种对网络数据包进行可信访问控制的方法
Frankel et al. Guide to IPsec VPNs:.
CA3077203A1 (en) Methods for internet communication security
EP2159988B1 (en) Authentication and authorisation of a remote client
CN109088870A (zh) 一种新能源厂站发电单元采集终端安全接入平台的方法
CN107172020A (zh) 一种网络数据安全交换方法及系统
US20110252231A1 (en) Rekey scheme on high speed links
CN107231368A (zh) 提升面向互联网开放的软件接口安全性的方法
CN110266725A (zh) 密码安全隔离模块及移动办公安全系统
US20070150947A1 (en) Method and apparatus for enhancing security on an enterprise network
US11165773B2 (en) Network device and method for accessing a data network from a network component
CN101867588A (zh) 一种基于802.1x的接入控制系统
CN101272379A (zh) 基于IEEE802.1x安全认证协议的改进方法
CN101820414A (zh) 一种主机接入控制系统及方法
EP2211496A1 (en) Key management method
CN101707621B (zh) 一种适合三元对等鉴别可信网络连接架构的网络传输方法
CN112491886A (zh) 基于网络系统的安全控制方法、系统、装置和存储介质
Youssef et al. Scrambling and encrypting-based authentication for open networks communications
Feldhusen et al. Low Assurance Protection Profile for a VPN gateway
KR20070103558A (ko) 사내 메신저를 사용자 단말에 제공하는 방법

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant